10-11-2008 01:45 PM - edited 03-09-2019 09:39 PM
I've setup webvpn on a 3825 and AnyConnect clients can connect and check for updates but none can reach any addresses on the internal network. The IP addresses they are issued are not pingable from the router. I'm a bit of a novice but I've checked all of the support articles and can't seem to figure out what I've done wrong. Any pointers would be appreciated.
3800 Software (C3825-ADVENTERPRISEK9-M), Version 12.4(20)T
10-11-2008 04:26 PM
do u have the nat emption configured correctly
u need to have a deny staement in ur nat ACL should be first line which deny any ip traffic from ur internal LAN to the IP address pool of the anyconnect
this will exmpt the returne traffic to vpnuseres from being nated
good luck
if helpful Rate
10-14-2008 10:40 AM
I've done some homework on nat exemptions and I think I set them up correctly but maybe not. I still can't ping from the client to the internal network nor from the internal network to the assigned client pool ip.
I've attached my configuration and output from a debug of the ping and nat. If someone can make any more suggestions they would be appreciated.
10-15-2008 03:18 PM
I wanted to post a final update. I found my error. WebVPN on my 3825 is now working as expected. It was a routing issue unrelated to the WebVPN setup.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide